Today Łukasz Jagiełło did spake thusly:
2008/5/15 Scott van Looy <scott@xxxxxxxxxxx>:
May 15 12:04:00 novak sshd[21433]: Connection from 193.239.125.119 port
54204
May 15 12:04:01 novak sshd[21433]: Invalid user style from 193.239.125.119
May 15 12:04:01 novak sshd[21434]: input_userauth_request: invalid user
style
May 15 12:04:03 novak sshd[21433]: Failed password for invalid user style
from 193.239.125.119 port 54204 ssh2
May 15 12:04:03 novak sshd[21434]: Received disconnect from 193.239.125.119:
11: Bye Bye
Lots and lots. Around 1 every 5 seconds.
So I ran
iptables -A INPUT -s 193.239.125.119 -j DROP
and was surprised to see them attacks continue
Ran iptables -L just to make sure my rule was there and it was
in the end had to use hosts.deny to block the IP
Anyone got any ideas why?
What about policy at INPUT ?
REJECT all -- anywhere anywhere reject-with
icmp-host-prohibited
It's the standard firewall created with system-config-firewall
Incidentally, how on earth do I add custom rules to
system-config-firewall? I add them manually, save them, check
/etc/sysconfig/iptables and they're listed, run system-config-firewall and
they're not included. And I have no idea what to put in the Custom rules
box. And I can't find any docs anywhere!
--
Scott van Looy - email:me@xxxxxxxxxxxxxx | web:www.ethosuk.org.uk
site:www.freakcity.net - the in place for outcasts since 2003
PGP Fingerprint: 7180 5543 C6C4 747B 7E74 802C 7CF9 E526 44D9 D4A7
-------------------------------------------
|/// /// /// /// WIDE LOAD /// /// /// ///|
-------------------------------------------
McDonald's -- Because you're worth it.--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
